Use After Free Vulnerability Affects Konami GPU Kernel Drivers
CVE-2024-2937

7.8HIGH

Key Information:

Vendor: Arm Ltd
Status: Bifrost Gpu Kernel Driver; Valhall Gpu Kernel Driver; Arm 5th Gen Gpu Architecture Kernel Driver
Vendor: CVE Published:; 5 August 2024

Summary

A use after free vulnerability exists in the Arm Bifrost and Valhall GPU kernel drivers, which creates a potential risk for local non-privileged users. This vulnerability can be exploited to conduct improper GPU memory processing operations, allowing access to memory that has already been freed. Affected versions include Bifrost GPU Kernel Driver, Valhall GPU Kernel Driver, and Arm 5th Gen GPU Architecture Kernel Driver, all spanning from r41p0 to r49p0. Users of these products should evaluate the associated risks and take necessary precautions to mitigate potential impacts from this vulnerability.

Affected Version(s)

Arm 5th Gen GPU Architecture Kernel Driver r41p0

Bifrost GPU Kernel Driver r41p0

Valhall GPU Kernel Driver r41p0

References

https://developer.arm.com/Arm%20Security%20Center/Mali%20...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 5, 2024
Vulnerability Reserved
Mar 26, 2024